The article 17 right to be forgotten aka the right to erasure is not absolute.
Assuming you lawfully recorded the email address, if the email address is necessary for the purpose for which you collected or otherwise processed it then you aren't obliged to erase the email address on request.
Seems to me you have a 'legitimate interest' under article 6(f) to store the email address - if it's personal data. An email address isn't necessarily personal data.
(Your right of freedom of expression, with regard to what your platform publishes/serves to the public, may be relevant, in which case the right to erasure cannot be applied.)
GDPR & EPD require user consent before storing a users personalinformation.
GDPR does not require consent. Consent is one of the six lawful bases (see Article 6) for processing personal data.
The EPD seems irrelevant in the context. You do not want to market to these email addresses. You do not want to store data on their devices.
[edit]
I contacted the Information Commissoner's Office for guidance. The ICO is the UK's data protection authority. The guidance was:
If you can justify the necessity of keeping the email address on the blacklist it is lawful to keep it
The rights to object and to erasure are not absolute and can be refused in some circumstances, e.g. when the organisation can justify that it's necessary to keep the data
An automated process for refusing erasure requests in the context is lawful provided you can justify refusing each request
I recommend you seek guidance to satisfy yourself about your particular circumstances and concerns.
